Knowledge base
1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
This guide concerns the redirection of web traffic to a specific port, including when using a dedicated IP and a specific web application (such as Node or Varnish for example).
Prerequisites
- Install
HAProxyon the Cloud Server.
Redirect web traffic to a specific port
By default, on Serveur Cloud, web traffic is sent to Apache. To send requests to a Node script or another service (provided it "listens" on a port between 4000 and 4009), you must go through HAProxy.
This applies notably to servers Express, Socket.IO, Meteor.js, Nuxt.js, Django, Flask, Ruby on Rails, even possibly Java (J2E), etc.
For this, you must ensure that the service is listening on a port between 4000 and 4009 (especially with server.listen(4000) for Express or a basic HTTP Node server, but depending on the type of project by other means, a configuration file, in the code or otherwise) and on all interfaces (0.0.0.0).
It will also be necessary to configure HAProxy as in the example below:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the relevant product.
- Click on Fast installer in the left sidebar.
- Click on the action menu â‹® located to the right of
HAProxy. - Click on Configure:
- Choose the desired information and save:
Retrieving the source IP of a request
When you redirect web traffic to your web application, the way requests are handled changes, and the request is first received by a reverse proxy (local to the server) which then forwards the request to the chosen port. Thus, due to the request forwarding, the methods usually used to retrieve the visitor's IP will return the IP of the reverse proxy instead of the visitor's.
To retrieve the real source IP of the visitor in these cases, you need to consult an HTTP header named X-Forwarded-For, which will contain the source IPs accumulated during each redirection. This header will therefore contain the original IP address of the client last, allowing the real visitor to be identified.
Warning: It is important to note that HTTP headers can be manipulated, which presents security risks. To minimize these risks, it is recommended to verify that the request comes from a reliable server before trusting the content of the X-Forwarded-For header. This verification may involve ensuring that the request was transmitted by a trusted intermediary server, identified by a pre-established list of IP addresses. In the case where the site uses a dedicated IP, the trusted servers are:
- 83.166.133.15
- 83.166.133.17
- 83.166.133.16
- 84.16.92.5
- 84.16.92.43
- 10.2.32.255
- 10.2.34.164
This guide explains how to reset a VPS Cloud / VPS Lite.
Preamble
- This procedure deletes all the content of the volume dedicated to the operating system (
/dev/vda). - In the case of a VPS Cloud, the volume dedicated to data storage (
/dev/vdb) is not affected by the reset.
Warning: depending on the installed operating system, the system volume may be named /dev/sda, /dev/sda1 or /dev/vda… same for the data volume /dev/sdb, /dev/sdb2 or /dev/vdb … It is therefore necessary to replace these indications with those corresponding to your situation.
Reset the OS VPS Cloud / VPS Lite
To access the VPS:
- Click here to access the management of your product on the Manager Infomaniak (need help?).
- Click directly on the name assigned to the relevant product.
- Click the Reset button.
- Follow the displayed instructions to complete the reset.
This guide explains how to restore a snapshot of VPS Cloud Infomaniak.
Warning: depending on the installed operating system, the system volume may be named /dev/sda, /dev/sda1 or /dev/vda; the same applies to the data volume /dev/sdb, /dev/sdb2 or /dev/vdb … It is therefore necessary to replace these indications with those corresponding to your situation.
Restore a snapshot
To do this:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the product in question.
- Click on Snapshot in the left sidebar.
- Click on the action menu â‹® to the right of the relevant item in the displayed table.
- Click on Restore:
- Click on the blue button to start the snapshot restoration.
- An email is sent when the snapshot is restored.
Restore the operating system disk
Restoring the system volume as shown in the example above is an irreversible operation. The operating system disk will be replaced by the snapshot and the server will be in the exact state of the backup date.
The data stored on the data volume (vdb) is not affected by this operation.
Restore the data disk (vdb)
Two data restoration modes are possible:
1. "Read-only" mode
If the size of the snapshot differs from the size of the volume, only this read-only mode is available.
This option allows you to mount the snapshot data image, enabling read-only access to the backup data.
For your information, here are some useful commands to leverage your backup:
- To access the main data volume:
mount /dev/vdb /mnt/. - To mount the data volume in a specific "backup" folder:
mount -o nouuid -o ro,norecovery /dev/vdc /backup.
To find out which letter to use (/dev/vd?), use the command lsblk:
2. "Restore" mode
Data volume restoration is an irreversible operation. The data disk (vdb) will be replaced by the snapshot. At the end of the restoration, it will be necessary to remount the data volume so that your operating system refreshes the content.
The following procedure and commands are provided for informational purposes only:
- Make sure your data volume is not mounted:
* umount /mnt(/mnt or the location you chose to access your data). - Remount the data volume:
* mount /dev/(vdb) /mnt
To find out the name of the data volume attached to your server, use the command lsblk (see above).
This guide relates to the execution of scripts launched via SSH on various types of machines.
No time limit
There is no predefined time limit for the execution of scripts launched via SSH, meaning that the script can run as long as necessary. However, if the SSH session ends, the script will also be interrupted.
It is possible to run scripts in the background to avoid this issue. In this case, the script will continue to run even if the SSH session is interrupted.
Other resources may be limited either by the machine's capacity or by the configuration (PHP scripts limited to 512 MB of memory, for example).
It is possible to change these limits on Serveur Cloud machines, but not on hébergements mutualisés.
This guide helps you understand the "Your Connection Is Not Private" error when you try to access a website, whether you are the site owner or a simple visitor.
Understand the error
The error "Your Connection Is Not Private" sometimes appears in your browser when it has trouble establishing a secure connection with the site you are trying to visit. This usually happens when the website does not have a valid security certificate and does not use the SSL/TLS protocol to protect communication between the site and your web browser.
In fact, this is a security measure aimed at protecting your data. Websites with invalid SSL certificates may have security issues, making them less reliable. They can also expose your personal information to hackers if you enter sensitive data, such as your login credentials or payment information.
If you are a visitor
This may be due to configuration errors, such as an insecure Wi-Fi connection, incorrect date and time on your computer, or even an SSL/HTTPS scan by your antivirus software.
If you own a Infomaniak website
Have you installed an SSL certificate?
Learn about the different certificates available on the Infomaniak site.
And if you already have an SSL certificate for your site, have you updated it to include any potential site aliases?
Check the SSL certificate expiration date
Certificates are renewed automatically. To check the expiration date:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Check the column containing the expiration dates:
Check the installation
If you think you have already enabled SSL on your site, check a few points in this other guide.
Infomaniak does not provide root access on Serveur Cloud.
On the other hand, root access is possible on:
This guide explains how to benefit from new versions of PHP, MySQL and many other packages by migrating a Cloud Server to new Infomaniak infrastructure.
Migration procedure
By migrating your data to the new Cloud infrastructure, you enhance the performance and reliability of your sites, which will have access to the latest technologies:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the relevant product.
- Click on the blue button in the "Upgrade your Cloud Server" box (or on Manage):
The migration is free and takes place in 3 steps:
- Infomaniak provides a state-of-the-art Cloud Server with the same characteristics, at the same price and with the same commitment period as the current one.
- You have one month to move your hosting to the new Cloud Server provided (read below).
- Once your hosting services have been moved to the new server, cancel the old Cloud Server.
Regarding step 2...
When moving a hosting from one Cloud Server to another:
- FTP access and databases do not change.
- Only the supported versions of PHP and MariaDB, as well as the server's IPv4 and IPv6 addresses, change for the hosting.
- Hostnames do not change and are automatically updated to point to the new IP addresses.
This guide concerns the installation of Python modules, possible on Serveur Cloud.
Installation of Python modules on Serveur Cloud
The installation is done through PIP, which is a package manager used to install and manage packages written in Python.
Infomaniak offers PIP and PIP3 through the Fast Installer.
Once PIP is installed, you will be able to install Python modules by specifying --user in the command.
For example:
pip3 install mysql-connector-python --userThis guide concerns the ODBC functions of PHP.
What is ODBC?
Here are some examples of using the ODBC functions of PHP:
- Read data from an external database and display it on your website…
- Insert or modify data in an external database…
- Perform complex queries on an external database…
This guide explains how to work without the PECL SSH2 client module, which is unavailable on Infomaniak Web Hosting and Cloud Servers, by using the phpseclib library instead, which runs in native PHP without requiring any specific extension.
Foreword
- Using
PECL SSH2 clientresults in errors such asNo compatible key exchange algorithms foundorUnable to exchange encryption keysin its latest available version. Phpsecliballows for:- SSH authentication via password or private key.
- Remote command execution.
- Secure file transfer (SFTP).
- SSH key management.
Using phpseclib
To integrate an SSH connection into a PHP script, use phpseclib as follows:
use phpseclib3\Net\SSH2;
use phpseclib3\Crypt\PublicKeyLoader;
$ssh = new SSH2('domain.xyz');
$key = PublicKeyLoader::load(file_get_contents('/path/to/private_key'));
if (!$ssh->login('utilisateur', $key)) {
exit('Authentication Failed');
}
echo $ssh->exec('ls -la');